Vulners
Lucene search
CVE-2021-42321
🗓️ 10 Nov 2021 00:47:43Reported by microsoftType 
cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 1749 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 44 |
|---|---|---|---|---|
 | Microsoft Exchange Server Remote Code Execution Exploit | 26 Feb 202200:00 | – | zdt |
| Microsoft Exchange Server ChainedSerializationBinder Remote Code Execution Exploit | 22 Aug 202200:00 | – | zdt |
 | Exploit for CVE-2021-42321 | 23 Nov 202111:33 | – | gitee |
 | Exploit for CVE-2021-42321 | 23 Nov 202102:26 | – | githubexploit |
 | #StopRansomware: Hive Ransomware | 25 Nov 202212:00 | – | ics |
 | CVE-2021-42321 | 10 Nov 202100:00 | – | attackerkb |
 | Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021 | 30 Nov 202120:30 | – | avleonov |
 | The vulnerability of the Microsoft Exchange Server mail server, related to insufficient validation of command-line arguments, allows a hacker to execute arbitrary code. | 10 Nov 202100:00 | – | bdu_fstec |
 | CVE-2021-42321 | 10 Nov 202104:00 | – | circl |
 | Microsoft Exchange Server Remote Code Execution Vulnerability | 17 Nov 202100:00 | – | cisa_kev |
10
Node
OROROR
[
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 21",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.01.0",
"lessThan": "15.01.2308.020",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 10",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.0792.019",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 22",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "15.01.2375.017",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 11",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.0986.014",
"versionType": "custom",
"status": "affected"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| build | path | ecp/{build}/exporttool/ | Dynamic exporttool endpoint used to enumerate vulnerable Exchange builds via version strings. | CWE-502 |
| XML payload elements (GetFolder, DeleteUserConfiguration, CreateUserConfiguration, GetClientAccessToken) | request body | ews/exchange.asmx | SOAP/XML requests to Exchange Web Services for deserialization chain exploitation attempts. | CWE-502 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Oct 2025 19:17Current
9High risk
Vulners AI Score9
CVSS 26.5
CVSS 3.18.8
EPSS0.93618
SSVC